-rw-r--r-- | src/xyz/euandreh/queue.scm | 306 |
1 files changed, 297 insertions, 9 deletions
diff --git a/src/xyz/euandreh/queue.scm b/src/xyz/euandreh/queue.scm index 090a700..8475734 100644 --- a/src/xyz/euandreh/queue.scm +++ b/src/xyz/euandreh/queue.scm @@ -1,14 +1,18 @@ (define-module (xyz euandreh queue) #:use-module ((guix licenses) #:prefix license:) #:use-module ((nonguix licenses) #:prefix ng-license:) + #:use-module ((srfi srfi-1) #:prefix srfi-1:) + #:use-module ((xyz euandreh heredoc) #:prefix heredoc:) + #:use-module (guix build-system gnu) + #:use-module (guix build-system python) + #:use-module (guix build-system trivial) #:use-module (guix download) #:use-module (guix gexp) #:use-module (guix git-download) #:use-module (guix packages) - #:use-module (guix build-system gnu) - #:use-module (guix build-system python) - #:use-module (guix build-system trivial) + #:use-module (guix records) #:use-module (guix utils) + #:use-module (gnu) #:use-module (gnu packages check) #:use-module (gnu packages cpio) #:use-module (gnu packages cups) @@ -28,7 +32,15 @@ #:use-module (gnu packages python-xyz) #:use-module (gnu packages time) #:use-module (gnu packages tls) - #:use-module (gnu packages xml)) + #:use-module (gnu packages xml) + #:use-module (gnu services shepherd)) +(heredoc:enable-syntax) + + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; packages ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + (define-public epson-L365 
@@ -82,11 +94,9 @@ System (CUPS) under Linux. It supplies high quality printing with Seiko Epson Color Ink Jet Printers.") (home-page "https://www.openprinting.org/driver/epson-201401w") - ;; Plus the "SEIKO EPSON CORPORATION SOFTWARE LICENSE AGREEMENT": - ;; https://epson.com/SoftwareLicenseAgreement - (license - (list license:lgpl2.1 - ng-license:nonfree)))) + (license ;; SEIKO EPSON CORPORATION SOFTWARE LICENSE AGREEMENT + (list (ng-license:nonfree "https://epson.com/SoftwareLicenseAgreement") + license:lgpl2.1)))) (define-public mailutils-sendmail (package 
@@ -541,6 +551,284 @@ This package provides a daemon to display notifications of iCalendar events") (license license:gpl3))) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; services ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + + + +(define-record-type* <shadow-group-configuration> + shadow-group-configuration + make-shadow-group-configuration + shadow-group-configuration? + (group shadow-group-configuration-group (default "shadow"))) + +(define (shadow-group-activation config) + (match-record config <shadow-group-configuration> + (group) + #~(begin + (use-modules (guix build utils)) + (format (current-error-port) + "Setting ownership and permission for \"/etc/passwd\".~%") + (chown "/etc/shadow" + (passwd:uid (getpwnam "root")) + (group:gid (getgrnam #$group))) + (chmod "/etc/shadow" #o640)))) + +(define (shadow-group-accounts config) + (match-record config <shadow-group-configuration> + (group) + (list + (user-group + (name group) + (system? #t))))) + +(define shadow-group-service-type + (service-type + (name 'shadow-group) + (extensions + (list + (service-extension activation-service-type + shadow-group-activation) + (service-extension account-service-type + shadow-group-accounts))) + (default-value (shadow-group-configuration)) + (description "FIXME:DOCUMENTATION: heredoc syntax?"))) + + +(define-record-type* <cyrus-service-configuration> + cyrus-service-configuration + make-cyrus-service-configuration + cyrus-service-configuration? + (name cyrus-service-configuration-name) + (authmech cyrus-service-configuration-authmech (default "saslauthd"))) + +(define-record-type* <cyrus-sasl-configuration> + cyrus-sasl-configuration + make-cyrus-sasl-configuration + cyrus-sasl-configuration? 
+ (cyrus-sasl cyrus-sasl-configuration-cyrus-sasl (default cyrus-sasl)) + (authmech cyrus-sasl-configuration-authmech (default "shadow")) + (services cyrus-sasl-configuration-services (default '())) + (state-dir cyrus-sasl-configuration-state-dir (default "/var/lib/saslauthd"))) + +(define (cyrus-sasl-etc-files config) + (match-record config <cyrus-sasl-configuration> + (services state-dir) + `(("sasl2" + ,(file-union + "cyrus-sasl" + (map (lambda (service-config) + (match-record service-config <cyrus-service-configuration> + (name authmech) + `(,name ,(plain-file + name + (format #f + #"- + pwcheck_method: ~a + saslauthd_path: ~a/mux + log_level: 7 + "# + authmech + state-dir))))) + services)))))) + +(define (cyrus-sasl-activation config) + (match-record config <cyrus-sasl-configuration> + (state-dir) + #~(begin + (use-modules (guix build utils)) + (format (current-error-port) + "Creating Cyrus SASL socket directory: \"~a\".~%" #$state-dir) + (mkdir-p #$state-dir)))) + +(define (cyrus-sasl-shepherd-service config) + (match-record config <cyrus-sasl-configuration> + (cyrus-sasl authmech state-dir) + (list + (shepherd-service + (provision '(cyrus-sasl)) + (documentation "FIXME:DOCUMENTATION: heredoc syntax?") + (start #~(make-forkexec-constructor + (list + #$(file-append cyrus-sasl "/sbin/saslauthd") + "-a" + #$authmech + "-d" + "-m" + #$state-dir) + #:user "root" + #:user "root")) + (stop #~(make-kill-destructor)))))) + +(define cyrus-sasl-service-type + (service-type + (name 'cyrus-sasl) + (extensions + (list + (service-extension etc-service-type + cyrus-sasl-etc-files) + (service-extension activation-service-type + cyrus-sasl-activation) + (service-extension profile-service-type + (compose list cyrus-sasl-configuration-cyrus-sasl)) + (service-extension shepherd-root-service-type + cyrus-sasl-shepherd-service))) + (compose srfi-1:concatenate) + (extend (lambda (config services) + (cyrus-sasl-configuration + (inherit config) + (services + (append + 
(cyrus-sasl-configuration-services config) + services))))) + (default-value (cyrus-sasl-configuration)) + (description "FIXME:DOCUMENTATION: heredoc syntax?"))) + + +(define-record-type* <dkimproxyout-configuration> + dkimproxyout-configuration + make-dkimproxyout-configuration + dkimproxyout-configuration? + (dkimproxy dkimproxyout-configuration-dkimproxy (default dkimproxy)) + (user dkimproxyout-configuration-user (default "dkimproxyout")) + (group dkimproxyout-configuration-group (default "dkimproxyout")) + (listen dkimproxyout-configuration-listen (default "127.0.0.1:10027")) + (relay dkimproxyout-configuration-relay (default "127.0.0.1:10028")) + (domains dkimproxyout-configuration-domains (default (list (gethostname)))) + (selector dkimproxyout-configuration-selector (default "dkimproxy")) + (key-size dkimproxyout-configuration-key-size (default 2048)) + (data-directory dkimproxyout-configuration-data-directory (default "/var/lib/dkimproxyout"))) + +(define (generate-out.cf config) + (match-record config <dkimproxyout-configuration> + (listen relay domains selector data-directory) + (format #f + #"- + listen ~a + relay ~a + + domain ~a + selector ~a + + signature dkim(c=relaxed/relaxed) + + # FIXME:DOCUMENTATION add this to the service documentation + # the corresponding public key is available at: + # ~a/public.key + keyfile ~a/private.key + "# + listen + relay + (string-join domains ",") + selector + data-directory + data-directory))) + +(define (dkimproxyout-etc-files config) + (match-record config <dkimproxyout-configuration> + () + `(("dkimproxy_out.conf" ,(plain-file "dkimproxy_out.conf" (generate-out.cf config)))))) + +(define (dkimproxyout-accounts config) + (match-record config <dkimproxyout-configuration> + (user group) + (list + (user-account + (name user) + (group group) + (comment "DKIMproxy-out signing system user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin")) + (system? 
#t)) + (user-group + (name group) + (system? #t))))) + +(define (dkimproxyout-activation config) + (match-record config <dkimproxyout-configuration> + (user group data-directory key-size) + #~(begin + (use-modules (guix build utils)) + (let ((uid (passwd:uid (getpwnam #$user))) + (gid (group:gid (getgrnam #$group)))) + (format (current-error-port) + "Creating DKIMproxy-out data directory: \"~a\".~%" #$data-directory) + (mkdir-p #$data-directory) + (chown #$data-directory uid gid) + (chmod #$data-directory #o755) + (let ((private-key (string-append #$data-directory "/private.key")) + (public-key (string-append #$data-directory "/public.key"))) + (unless (file-exists? private-key) + (cond + ((zero? (system* #$(file-append openssl "/bin/openssl") + "genrsa" + "-out" + private-key + (number->string #$key-size))) + (format (current-error-port) + "DKIMproxy private key file created: \"~a\".~%" private-key)) + (else + (format (current-error-port) + "Failed to create DKIMproxy private key file: \"~a\".~%" private-key)))) + (invoke #$(file-append openssl "/bin/openssl") + "rsa" + "-in" + private-key + "-pubout" + "-out" + public-key) + (format (current-error-port) + "Setting permissions for the public/private DKIMproxy keypair: \"~a/{public,private}.key\".~%" #$data-directory) + (chown private-key uid gid) + (chown public-key uid gid) + (chmod private-key #o400) + (chmod public-key #o644)))))) + +(define (dkimproxyout-shepherd-service config) + (match-record config <dkimproxyout-configuration> + (dkimproxy user group) + (list + (shepherd-service + (provision '(dkimproxy)) + (documentation "FIXME:DOCUMENTATION: heredoc syntax?") + (start #~(make-forkexec-constructor + (list + #$(file-append dkimproxy "/bin/dkimproxy.out") + "--conf_file=/etc/dkimproxy_out.conf") + #:user #$user + #:group #$group)) + (stop #~(make-kill-destructor)) + (actions + (list + (shepherd-action + (name 'configuration) + (documentation "FIXME:DOCUMENTATION: heredoc syntax?") + (procedure + #~(lambda _ 
+ (format #t "/etc/dkimproxy_out.conf~%")))))))))) + +(define dkimproxyout-service-type + (service-type + (name 'dkimproxy) + (extensions + (list + (service-extension etc-service-type + dkimproxyout-etc-files) + (service-extension account-service-type + dkimproxyout-accounts) + (service-extension activation-service-type + dkimproxyout-activation) + (service-extension profile-service-type + (compose list dkimproxyout-configuration-dkimproxy)) + (service-extension shepherd-root-service-type + dkimproxyout-shepherd-service))) + (default-value (dkimproxyout-configuration)) + (description "FIXME:DOCUMENTATION: heredoc syntax?"))) + + + (list epson-L365 mailutils-sendmail |
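Review bot: The per-service files built in `cyrus-sasl-etc-files` hard-code `log_level: 7`, which in Cyrus SASL is the level that traces protocol exchanges including passwords, so every service extending this type would log credentials; I would drop the line or make it a record field with a low default, e.g. `(log-level cyrus-service-configuration-log-level (default 1))`. In `cyrus-sasl-shepherd-service` the constructor receives `#:user "root"` twice, the second presumably meant as `#:group "root"`, and `-d` puts saslauthd in debug mode (which also turns on verbose logging) rather than merely keeping it in the foreground. `cyrus-sasl-activation` creates the state directory without an explicit mode, so who can reach the `mux` socket depends on the umask; adding `(chmod #$state-dir #o710)` together with a dedicated group would limit who can submit authentication requests. In `shadow-group-activation` the message names "/etc/passwd" while the calls change "/etc/shadow", and nothing in this hunk adds a member to the group, so the `#o640` mode widens read access to the hash file without a visible consumer. In `dkimproxyout-activation` a failed `genrsa` is only logged before the following `invoke` runs on the missing key, and root writes and chowns fixed file names inside a directory owned by the service account; a root-owned directory with the private key readable only by the service group would avoid root acting on paths that account controls.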